Logo: Woodstock Allstar Band

Privacy Policy

We have written this privacy policy (version 17/01/2020-121240054) to explain to you, in accordance with the requirements of the General Data Protection Regulation (DSGVO) (EU) 2016/679, what information we collect, how we use data, and what choices you have as a visitor to this website.

Unfortunately, by their very nature, these explanations tend to sound very technical; however, we have made every effort to describe the most important points as simply and clearly as possible.

Automatic Data Storage

When you visit websites nowadays, certain information is automatically created and stored—this also applies to this website.

When you access our website as you are doing right now, our web server (the computer on which this website is hosted) automatically stores data such as

  • the address (URL) of the accessed webpage
  • browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • the hostname and IP address of the device from which access is made
  • date and time

in files (web server log files).

Web server log files are generally stored for two weeks and then automatically deleted. We do not share this data, but we cannot rule out that it may be reviewed in the event of unlawful behavior.

Cookies

What exactly are cookies?

 Whenever you browse the internet, you use a browser. Common browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: cookies are very useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other types of cookies for different applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, essentially the “brain” of your browser. A cookie consists of a name and a value. In addition, one or more attributes must be specified when defining a cookie.

Cookies store certain user data, such as language settings or personal page preferences. When you revisit our website, your browser sends the “user-related” information back to our site. Thanks to cookies, our website knows who you are and provides you with the settings you are used to. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each one stores different data. The expiration time of a cookie also varies, ranging from a few minutes to several years. Cookies are not software programs and do not contain viruses, trojans, or other “malware.” Cookies also cannot access information on your PC.

For example, cookie data may look like this:

Name: _ga
Value: GA1.2.1326744211.152121240054-9
Purpose: Differentiation of website visitors
Expiration date: after 2 years

These are the minimum sizes a browser should be able to support:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total


What types of cookies are there?

 The question of which cookies we specifically use depends on the services used and is explained in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.

Four types of cookies can be distinguished:

Essential cookies

These cookies are necessary to ensure the basic functions of the website. For example, these cookies are required when a user adds a product to the shopping cart, continues browsing other pages, and only later proceeds to checkout. Thanks to these cookies, the shopping cart is not deleted even if the user closes the browser window.

Functional cookies

These cookies collect information about user behavior and whether the user encounters any error messages. They are also used to measure loading times and the website’s behavior in different browsers.

Preference cookies

These cookies improve usability. For example, they store entered locations, font sizes, or form data.

Advertising cookies

These cookies are also called targeting cookies. They are used to deliver advertising tailored to the user. This can be very useful, but also quite annoying.

Typically, when you first visit a website, you are asked which types of cookies you want to allow. And of course, this decision is also stored in a cookie.

How can I delete cookies?

 How and whether you want to use cookies is your decision. Regardless of which service or website the cookies come from, you always have the option to delete, deactivate, or only partially allow cookies. For example, you can block third-party cookies while allowing all other cookies.

If you want to find out which cookies are stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:

  • Chrome: Delete, enable, and manage cookies in Chrome
  • Safari: Manage cookies and website data in Safari
  • Firefox: Delete cookies to remove data that websites have stored on your computer
  • Internet Explorer: Delete and manage cookies
  • Microsoft Edge: Delete and manage cookies

If you generally do not want cookies, you can configure your browser so that you are always notified when a cookie is about to be set. This allows you to decide for each individual cookie whether to allow it or not. The procedure varies depending on the browser. It is best to search for instructions on Google using terms such as “delete cookies Chrome” or “disable cookies Chrome” if you are using Chrome.

What about my data protection?

Since 2009, there have been so-called “cookie guidelines.” These stipulate that storing cookies requires the user’s consent. However, there are still very different responses to these guidelines across EU countries. In Austria, this directive was implemented in § 96 Abs. 3 of the Telecommunications Act (TKG).

If you would like to learn more about cookies and are not deterred by technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) titled “HTTP State Management Mechanism.”

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, email address, address, or other personal information provided via a form or blog comments, is used solely for the stated purpose, together with the time of submission and IP address, stored securely, and not shared with third parties.

We therefore only use your personal data for communication with visitors who explicitly request contact and for the processing of services and products offered on this website. We do not pass on your personal data without consent; however, we cannot rule out that such data may be accessed in the event of unlawful behavior.

If you send us personal data by email – thus outside of this website – we cannot guarantee secure transmission or protection of your data. We recommend that you never transmit confidential data via unencrypted email.

Rights under the General Data Protection Regulation

 Under the provisions of the GDPR and the Austrian Data Protection Act (DSG), you are generally entitled to the following rights:

  • Right to rectification (Art. 16 GDPR (DSGVO))
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR (DSGVO))
  • Right to restriction of processing (Art. 18 GDPR (DSGVO))
  • Right to notification – obligation to inform regarding the rectification or erasure of personal data or restriction of processing (Art. 19 GDPR (DSGVO))
  • Right to data portability (Art. 20 GDPR (DSGVO))
  • Right to object (Art. 21 GDPR (DSGVO))
  • Right not to be subject to a decision based solely on automated processing, including profiling (Art. 22 GDPR (DSGVO))

If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you may lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/.

Analysis of visitor behavior

In the following privacy policy, we inform you whether and how we evaluate data from your visit to this website. The evaluation of collected data is generally carried out anonymously, and we cannot draw conclusions about your identity based on your behavior on this website.

You can find more information about how to object to such analysis of visitor data in the following privacy policy.

TLS encryption with HTTPS

We use HTTPS to transmit data securely over the internet (data protection by design, Art. 25 Abs. 1 GDPR (DSGVO)). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize this secure data transmission by the small lock symbol in the top left of your browser and by the use of “https” (instead of “http”) as part of our website address.

Google Analytics Privacy Policy

We use the analysis tracking tool Google Analytics (GA) on our website provided by the American company Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics collects data about your interactions on our website. For example, if you click a link, this action is stored in a cookie and sent to Google Analytics. Using the reports we receive from Google Analytics, we can better adapt our website and services to your needs. Below we explain the tracking tool in more detail and inform you in particular about which data is stored and how you can prevent this. 

What is Google Analytics?

Google Analytics is a tracking tool used to analyse the traffic on our website. In order for Google Analytics to work, a tracking code is embedded into the code of our website. When you visit our website, this code records various actions you perform on the site. Once you leave our website, this data is sent to Google Analytics servers and stored there.

Google processes this data and provides us with reports about your user behaviour. These reports may include, among others, the following:

  • Audience reports: These help us better understand our users and who is interested in our services.
  • Advertising reports: These allow us to analyse and improve our online advertising more easily.
  • Acquisition reports: These provide useful information on how we can attract more people to our services.
  • Behaviour reports: These show us how you interact with our website. We can see the path you take on our site and which links you click.
  • Conversion reports: A conversion refers to a process where you complete a desired action as a result of a marketing message – for example, when you turn from a website visitor into a buyer or newsletter subscriber. These reports help us understand how our marketing efforts are received, allowing us to improve our conversion rate.
  • Real-time reports: These show us what is happening on our website at any given moment. For example, we can see how many users are currently reading this text.


Why do we use Google Analytics on our website?

Our goal with this website is clear: we want to provide you with the best possible service. The statistics and data provided by Google Analytics help us achieve this goal.

The analysed data gives us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our site so that interested users can find it more easily on Google. On the other hand, the data helps us better understand you as a visitor. This allows us to know exactly what needs to be improved on our website in order to offer you the best possible service.

The data also helps us make our advertising and marketing measures more targeted and cost-efficient. Ultimately, it only makes sense to show our products and services to people who are interested in them.

What data is stored by Google Analytics?

Google Analytics generates a random, unique ID using a tracking code, which is linked to your browser cookie. This allows Google Analytics to recognise you as a new user. When you visit our site again, you are identified as a “returning” user. All collected data is stored together with this user ID. This makes it possible to analyse pseudonymous user profiles.

Your interactions on our website are measured using identifiers such as cookies and app instance IDs. Interactions refer to all types of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated by Google Analytics may be linked with third-party cookies. Google does not share Google Analytics data unless we, as the website operator, explicitly approve it. Exceptions may apply if disclosure is legally required.

The following cookies are used by Google Analytics:

Name: _ga
Value: 2.1326744211.152121240054-5
Purpose: By default, analytics.js uses the _ga cookie to store the user ID. It is mainly used to distinguish website visitors.
Expiration: After 2 years

Name: _gid
Value: 2.1687193234.152121240054-1
Purpose: This cookie is also used to distinguish website visitors.
Expiration: After 24 hours

Name: gat_gtag_UA
Value: 1
Purpose: Used to reduce the request rate. If Google Analytics is implemented via Google Tag Manager, this cookie is named dc_gtm.
Expiration: After 1 minute

Name: AMP_TOKEN
Value: No information available
Purpose: Contains a token used to retrieve a user ID from the AMP client ID service. Other possible values indicate opt-out, request, or error states.
Expiration: Between 30 seconds and 1 year

Name: __utma
Value: 1564498958.1564498958.1564498958.1
Purpose: Used to track user behaviour and measure website performance. The cookie is updated every time information is sent to Google Analytics.
Expiration: After 2 years

Name: __utmt
Value: 1
Purpose: Used to throttle request rates, similar to gat_gtag_UA.
Expiration: After 10 minutes

Name: __utmb
Value: 3.10.1564498958
Purpose: Used to determine new sessions. It is updated each time new data is sent to Google Analytics.
Expiration: After 30 minutes

Name: __utmc
Value: 167421564
Purpose: Used to determine new sessions for returning visitors. This is a session cookie and is stored only until the browser is closed.
Expiration: When the browser is closed

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: Used to identify the source of traffic to the website. It stores where you came from, such as another website or an advertisement.
Expiration: After 6 months

Name: __utmv
Value: No information available
Purpose: Used to store custom user data. It is updated whenever information is sent to Google Analytics.
Expiration: After 2 years

Note: This list cannot claim to be exhaustive, as Google frequently changes its cookies.

Here we provide you with an overview of the most important data collected by Google Analytics:

Heatmaps: Google creates so-called heatmaps. Heatmaps show exactly which areas you click on. This allows us to see where you “move around” on our website.

Session duration: Session duration refers to the amount of time you spend on our site without leaving it. If you are inactive for 20 minutes, the session is automatically ended.

Bounce rate: A bounce occurs when you view only one page on our website and then leave the site again.

Account creation: If you create an account or place an order on our website, Google Analytics collects this data.

IP address: The IP address is only stored in a shortened form so that it cannot be directly linked to an individual.

Location: Based on the IP address, the country and your approximate location can be determined. This process is also known as IP-based geolocation.

Technical information: Technical information includes, among other things, your browser type, your internet service provider, or your screen resolution.

Traffic source: Google Analytics and we are also interested in which website or advertisement you used to reach our site.

Additional data may include contact details, any ratings, media playback (e.g. when you watch a video on our site), sharing content via social media, or adding items to your favourites. This list is not exhaustive and is intended only as a general overview of the data stored by Google Analytics.

How long and where is the data stored?

Google has servers distributed around the world. Most servers are located in the United States, so your data is usually stored on American servers. You can find detailed information about Google data centre locations here: https://www.google.com/about/datacenters/inside/locations/?hl=en

Your data is distributed across multiple physical storage devices. This has the advantage that data can be retrieved more quickly and is better protected against manipulation. Each Google data centre has appropriate emergency systems in place. For example, if hardware fails or natural disasters affect servers, the risk of service interruption remains low.

By default, Google Analytics stores user data for 26 months, after which it is deleted. However, we can choose the retention period ourselves. The following options are available:

  • Deletion after 14 months
  • Deletion after 26 months
  • Deletion after 38 months
  • Deletion after 50 months
  • No automatic deletion

Once the selected period expires, data is deleted once per month. This retention period applies to data linked to cookies, user identifiers, and advertising IDs (e.g. DoubleClick cookies). Reports are based on aggregated data and are stored independently of user-level data. Aggregated data refers to the combination of individual data into larger datasets.

How can I delete or prevent data storage?

Under European Union data protection law, you have the right to access, update, delete, or restrict your data. You can prevent Google Analytics from using your data by installing the browser add-on for disabling Google Analytics JavaScript (ga.js, analytics.js, dc.js). You can download it here:
https://tools.google.com/dlpage/gaoptout?hl=en

Please note that this add-on only disables data collection by Google Analytics.

If you want to generally manage, delete, or disable cookies (not just Google Analytics), each browser provides its own instructions:

  • Chrome: Delete, enable, and manage cookies in Chrome
  • Safari: Manage cookies and website data in Safari
  • Firefox: Delete cookies to remove data stored by websites on your computer
  • Internet Explorer: Delete and manage cookies
  • Microsoft Edge: Delete and manage cookies

Google Analytics is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the secure and compliant transfer of personal data. More information can be found here:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=121240054

We hope we have provided you with the most important information regarding Google Analytics data processing. If you would like to learn more about the tracking service, we recommend the following links:
http://www.google.com/analytics/terms/de.html
https://support.google.com/analytics/answer/6004245?hl=en

Google Analytics IP Anonymisation

We have implemented IP address anonymisation in Google Analytics on this website. This function was developed by Google to help websites comply with applicable data protection regulations and recommendations from local data protection authorities where the storage of full IP addresses is not permitted. IP anonymisation or masking takes place as soon as IP addresses reach the Google Analytics data collection network and before any storage or processing of the data occurs.

More information about IP anonymisation can be found here:
https://support.google.com/analytics/answer/2763052?hl=en

Google Analytics reports on demographic characteristics and interests

We have enabled advertising reporting features in Google Analytics. Reports on demographic characteristics and interests include information such as age, gender, and interests. This allows us – without being able to assign this data to individual persons – to gain a better understanding of our users. More information about advertising features can be found here:
https://support.google.com/analytics/answer/3450482?hl=en

You can disable the use of your activity and information from your Google account under “Ad Settings” at: https://adssettings.google.com/authenticated

Google Analytics opt-out link

If you click the following opt-out link, you can prevent Google from recording future visits to this website. Please note: deleting cookies, using incognito/private mode, or using a different browser will result in data being collected again.

Disable Google Analytics

Google Analytics data processing amendment

We have entered into a direct customer agreement with Google for the use of Google Analytics by accepting the “Data Processing Amendment” in Google Analytics.

More information about the Google Analytics data processing amendment can be found here:
https://support.google.com/analytics/answer/3379636?hl=en

Google Analytics Google Signals privacy policy

We have activated Google Signals in Google Analytics. This updates existing Google Analytics features (advertising reports, remarketing, cross-device reports, and reports on interests and demographic characteristics) to obtain aggregated and anonymised data from you, provided you have enabled personalised advertising in your Google account.

The special feature here is cross-device tracking. This means your data can be analysed across multiple devices. By enabling Google Signals, data is collected and linked with your Google account. For example, Google may recognise when you view a product on our website via a smartphone and later purchase it using a laptop. With Google Signals enabled, we can run cross-device remarketing campaigns that would otherwise not be possible. Remarketing means that we may also show you our offers on other websites.

Google Signals may also collect additional visitor data in Google Analytics, such as location, search history, YouTube history, and data about your actions on our website. This provides us with improved advertising reports and more useful information about your interests and demographic characteristics. This may include your age, language, place of residence, and gender. Social criteria such as your profession, marital status, or income may also be included. All of these characteristics help Google Analytics define target groups.

These reports help us better understand your behaviour, wishes, and interests. This allows us to optimise and adapt our services and products for you. This data is automatically deleted after 26 months. Please note that this data collection only occurs if you have enabled personalised advertising in your Google account. This is always aggregated and anonymised data, never data about individuals. You can manage or delete this data in your Google account.

Google Tag Manager privacy policy

We use Google Tag Manager provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) on our website. The Tag Manager is one of many useful marketing products from Google. It allows us to centrally integrate and manage code snippets from various tracking tools used on our website.

In this privacy policy, we explain in more detail what Google Tag Manager does, why we use it, and how data is processed.

What is Google Tag Manager?

Google Tag Manager is an organisational tool that allows us to integrate and manage website tags via a user interface. Tags are small code snippets that, for example, record (track) your activities on our website. JavaScript code snippets are inserted into our website’s source code. These tags often come from Google products such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the Tag Manager. These tags perform various tasks, such as collecting browser data, feeding marketing tools with data, embedding buttons, setting cookies, and tracking users across websites.

Why do we use Google Tag Manager?

As the saying goes: organisation is half the battle. This also applies to maintaining our website. To optimise our website for you and all users interested in our products and services, we use various tracking tools such as Google Analytics. The collected data helps us understand what interests you most, where we can improve our services, and which audiences we should target.

To make this tracking work, JavaScript code must be integrated into our website. Instead of inserting each code snippet individually, we use Google Tag Manager. It allows us to manage all scripts from one place in an organised way and without programming knowledge.

What data is stored by Google Tag Manager?

The Tag Manager itself does not set cookies or store data. It functions only as a “manager” of the implemented tags. Data is collected by the individual tracking tools (e.g. Google Analytics). The Tag Manager simply passes this data through and does not store it.

The actual data collection is carried out by the respective analytics tools, which may use cookies to collect and process user behaviour data. Please refer to the privacy policies of the individual tools for more information.

We have allowed Google to receive anonymised data about the use of our Tag Manager. However, this does not include your personal data collected via tracking codes. Google may combine anonymised data with data from many other websites for benchmarking purposes. This helps identify trends and optimise processes.

How long and where is the data stored?

If Google stores data, it is stored on Google’s own servers, which are distributed worldwide, mostly in the United States. You can find more information here:
https://www.google.com/about/datacenters/inside/locations/?hl=en

The storage duration of data depends on the individual tracking tools used, as described in their respective privacy policies.

How can I delete or prevent data storage?

Google Tag Manager itself does not set cookies; it only manages tags from other tracking tools. Please refer to the privacy policies of the respective tools for detailed instructions on how to manage or delete your data.

Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates secure data transfers of personal data. More information can be found here:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=121240054

If you would like to learn more about Google Tag Manager, we recommend the FAQ section:
https://www.google.com/intl/en/tagmanager/faq.html